OpenVPN Session in IGEL OS12
This article shows how to configure the authentication of the OpenVPN session in IGEL OS.
Menu path: Network > VPN > OpenVPN > [OpenVPN Connection] > Session
OpenVPN server(s)
Name or public IP address of the OpenVPN server. You can enter multiple values separated by commas.
Authentication type
TLS-Certificates: Authentication with user certificate and private key.
Name/Password: Authentication with user name and password.
Name/Password with TLS-Certificates: Combines name/password with user certificate.
Static Key: Authentication with a private key. No PKI infrastructure is needed for this.
TLS Certificates Authentication Type
Persistent storage of files is possible only in the folder /wfs and its subfolders. Files stored under other paths will be lost when the device is rebooted.
Client certificate file
File with the client certificate. Enter a path relative to /wfs/OpenVPN.
CA certificate file
File with the CA certificate. Enter a path relative to /wfs/OpenVPN.
Private key file
File with the private key. Enter a path relative to /wfs/OpenVPN.
Private key password
Password in case one is set for the private key.
If you have a PKCS#12 file which contains the client certificate, CA certificate and private key, always enter its name in the three file fields. The advantage lies in the fact that only a single file needs to be distributed.
If you leave the Private key password field empty, a password dialog prompts for the password when you start the OpenVPN session. On versions below OS 12.4.0, the password dialog only works for keys based on RSA. Starting from OS version 12.4.0, EC keys are also supported.
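A pre-deployment check for the TLS-Certificates fields above, run on an admin workstation before files are distributed. This is an added example, not IGEL code: the function names are hypothetical, key files are assumed to be PEM-encoded, and rejecting absolute paths is an assumption about the relative-path fields.

```python
import posixpath
import re

BASE = "/wfs/OpenVPN"  # directory the file fields are relative to (from the page)
ROOT = "/wfs"          # only persistent location (from the page)

def resolve_field(value):
    """Map a file-field value to its absolute path; reject paths that leave /wfs."""
    if not value or value.startswith("/"):  # assumption: fields take relative paths only
        raise ValueError("expected a path relative to " + BASE)
    full = posixpath.normpath(posixpath.join(BASE, value))
    if not full.startswith(ROOT + "/"):
        raise ValueError(full + " is outside " + ROOT + " and would not persist")
    return full

def classify_key(pem):
    """Return (key_type, encrypted) from the PEM header alone, without decrypting."""
    m = re.search(r"-----BEGIN ([A-Z0-9 ]*)PRIVATE KEY-----", pem)
    if not m:
        raise ValueError("no PEM private key block found")
    label = m.group(1).strip()
    if label == "ENCRYPTED":  # PKCS#8: the algorithm is inside the ciphertext
        return "unknown", True
    key_type = label if label in ("RSA", "EC") else "unknown"
    return key_type, "Proc-Type: 4,ENCRYPTED" in pem

def lint_key(pem, password_configured, os_version):
    """Findings for the 'Private key password' field on a given OS version string."""
    key_type, encrypted = classify_key(pem)
    version = (tuple(int(p) for p in os_version.split(".")) + (0, 0))[:3]
    findings = []
    if not encrypted:
        findings.append("private key is stored without a passphrase")
    elif not password_configured and version < (12, 4, 0):
        # Empty password field means the dialog is used; below 12.4.0 it is RSA-only.
        if key_type == "EC":
            findings.append("password dialog below 12.4.0 only works for RSA keys")
        elif key_type == "unknown":
            findings.append("key type not visible in header; confirm RSA before relying on the dialog")
    return findings

# Constructed sample headers (bodies are dummy text, not real key material).
EC_ENC = "-----BEGIN EC PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: AES-256-CBC,00\n\nAAAA\n-----END EC PRIVATE KEY-----\n"
RSA_PLAIN = "-----BEGIN RSA PRIVATE KEY-----\nAAAA\n-----END RSA PRIVATE KEY-----\n"
```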
Name/Password Authentication Type
User name
User name - if you leave this field empty, the user will be asked for it when establishing a connection.
Password required
☑ The user must enter a password. (Default)
Password
Password - if you leave this field empty, the user will be asked for it when establishing a connection.
CA certificate file
File with the CA certificate. Enter a path relative to /wfs/OpenVPN.
Name/Password with TLS-Certificates Authentication Type
User name
User name - if you leave this field empty, the user will be asked for it when establishing a connection.
Password required
☑ The user must enter a password. (Default)
Password
Password - if you leave this field empty, the user will be asked for it when establishing a connection.
Client certificate file
File with the user certificate. Enter a path relative to /wfs/OpenVPN.
CA certificate file
File with the CA certificate. Enter a path relative to /wfs/OpenVPN.
Private key file
File with the private key. Enter a path relative to /wfs/OpenVPN.
Private key password
Password in case one is set for the private key.
If you have a PKCS#12 file which contains the user certificate, CA certificate and private key, always enter its name in the three file fields. The advantage lies in the fact that only a single file needs to be distributed.
Static Key Authentication Type
Private key file
File with the static key. Enter a path relative to /wfs/OpenVPN.
Key Direction
None: No key direction. (Default)
0: If the default option is not used, one side of the connection should use Direction 0 and the other Direction 1.
1: If the default option is not used, one side of the connection should use Direction 0 and the other Direction 1.
Remote IP address
The VPN IP address of the server
Local IP address
The VPN IP address of the client